Overview
- Description
- Abuse of remote unlock in Find My Mobile prior to version 7.3.13.4 allows physical attacker to unlock the device remotely by resetting the Samsung Account password with SMS verification when user lost the device.
- Source
- mobile.security@samsung.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 6.8
- Impact score
- 5.9
- Exploitability score
- 0.9
- Vector string
- CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- MEDIUM
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:samsung:find_my_mobile:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "4185038B-DDD2-47F6-9C44-9CC2EF57615A",
"versionEndExcluding": "7.3.13.4"
}
],
"operator": "OR"
}
]
}
]